3

I just watched a video by Eben Moglen about the increasing surveillance of our connected network devices and a lot of what he said rang true. The video can be found here if you're interested. I'm not a network newbie but I'm curious about how anonymous and encrypted browsing works because currently the way I understand things is that this is not possible. Here's my current understanding.

My ISP always sits in the middle and no matter what traffic I send out and what traffic I receive it always passes through my ISP. Even if I tunnel my traffic through an encrypted connection through some other server my ISP would still be privy to the key exchange that established the initial encrypted tunnel so any subsequent traffic that passes through the encrypted tunnel might as well have been unencrypted. Do I understand things correctly or is there a piece I'm missing that actually makes my argument incorrect?

Improve this question

3 Answers 3

Reset to default
4

The initial key exchange is structured in such a way that it is not be possible for your ISP to determine the key, even if they have intercepted the entire key exchange process. This is possible because of asymmetric public-key cryptography.

In assymetric cryptography, data is encrypted and decrypted using different keys (unlike symmetric cryptography, where the same key is used for both). The encrypting and decrypting keys are related in such a way that it is not practical with present computers to calculate one from the other.

Public-key cryptography is the typical case of asymmetric cryptography where one key is the "Public" key and the other key is the "Private" key. When you connect to a computer on the internet using SSL, the server has a private key and your computer has a private key (generated by your browser for the connection). Your computer and the server exchange public keys, but do not need to send each other private keys. Your computer then encrypts data using the server's public key, and the data can be decrypted only with the server's private key. The reverse works as well: the server encrypts data with your public key, and only your private key can be used to decrypt it.

Because the private keys are never exchanged on the wire, your ISP cannot see them. Your ISP does see the public keys, but it is not possible to decrypt information using the public keys (only to encrypt it), so your ISP is unable to decrypt the information exchanged.

As an interesting note, public-key systems generally also work in reverse - the private key can be used to encrypt something, and it can then only be decrypted using the public key. This is how 'digital signatures' work - if the public key of a person or device successfully decrypts information, then you know that it was created by someone or something in possession of the private key.

Note that asymmetric encryption is much more processor intensive than symmetric encryption. To maximize performance, SSL uses asymmetric encryption only for the key exchange stage - your computer and the server create a temporary connection protected by asymmetric encryption in order to exchange a key that will be used to encrypt the actual connection symmetrically. The symmetric key is never revealed in plaintext though, so your ISP never sees it.

Asymmetric encryption is a very interesting system that is vital to security on the internet: it has the powerful property of allowing two parties to communicate securely without having to trust the messenger.

Improve this answer
3

There is a technique called "Diffie-Hellman key exchange" that solves the problem of an intermediate party intercepting encryption keys. SSH and many other protocols use it.

Your ISP and other intermediate hosts can see that you're doing a key exchange and/or setting up an encrypted session, however.

However, any of these:

  • mere presence of encrypted protocols on your wire
  • specific source or destination IP addresses involved
  • the time of the transmission
  • the amount of traffic sent encrypted

might be reveal information to an intercepting party, though, even if encryption is protecting your actual transport.

Improve this answer
0

The speaker in the video mentions the best security software available today, though PGP is not for browsing, it is for email. Still, PGP provides for all three major security concerns, message integrity (no one has modified the message), message confidentiality (no one can see what you have sent), and message authentication (the message is coming from the person and place it says it is coming from).

Browsing the net is a different story. Using an SSL connection (https instead of http) will prevent your ISP from seeing what you send / receive, but it will not prevent them from seeing who / where you are sending and receiving from / to. As of right now the only way to browse anonymously is to use a proxy server that cannot be tracked back to you or to spoof an IP address (which is in most cases illegal).

One note on SSL, SSL does not specify which level of encryption must be used, the server and the client must agree on the encryption algorithm to be used. If a weak encryption algorithm is used and a man-in-the-middle intercepts the message it is possible for the message to be decrypted.

Improve this answer

You must log in to answer this question.